Executive Summary
In April 2026, a sophisticated supply chain attack targeted SAP's Cloud Application Programming Model (CAP) by compromising four official npm packages: @cap-js/sqlite v2.2.2, @cap-js/postgres v2.2.2, @cap-js/db-service v2.10.1, and mbt v1.2.48. The attackers, identified as TeamPCP, injected malicious 'preinstall' scripts into these packages, which, upon installation, executed a multi-stage payload designed to steal a wide array of credentials from developers' systems and CI/CD environments. The stolen data included npm and GitHub authentication tokens, SSH keys, and cloud credentials for AWS, Azure, and Google Cloud. The malware also attempted to extract secrets directly from the CI runner's memory, bypassing standard log masking mechanisms. The exfiltrated data was encrypted and uploaded to public GitHub repositories under the victim's account, with descriptions indicating the presence of 'A Mini Shai-Hulud.' This incident underscores the escalating threat of supply chain attacks targeting widely-used development tools and the necessity for robust security measures in software development pipelines.
Why This Matters Now
The 'Mini Shai-Hulud' attack highlights the increasing sophistication of supply chain attacks targeting widely-used development tools. Organizations must enhance their security measures to protect against such threats, especially in the context of the growing reliance on open-source packages in enterprise development.
Attack Path Analysis
Attackers compromised official SAP npm packages, embedding malicious preinstall scripts to execute credential-stealing payloads upon installation. The payloads harvested sensitive credentials from developer machines and CI/CD environments, escalating privileges by accessing cloud service accounts. Using the stolen credentials, attackers moved laterally within cloud environments, accessing additional resources. They established command and control by exfiltrating data to attacker-controlled GitHub repositories. Sensitive data, including authentication tokens and cloud credentials, were exfiltrated. The attack resulted in unauthorized access to critical systems and potential data breaches.
Kill Chain Progression
Initial Compromise
Description
Attackers compromised official SAP npm packages, embedding malicious preinstall scripts to execute credential-stealing payloads upon installation.
MITRE ATT&CK® Techniques
Compromise Software Dependencies and Development Tools
JavaScript
Credentials in Files
Private Keys
Credentials from Web Browsers
Archive via Utility
Exfiltration Over C2 Channel
Web Protocols
Potential Compliance Exposure
Mapping incident impact across multiple compliance frameworks.
PCI DSS 4.0 – Ensure all system components and software are protected from known vulnerabilities
Control ID: 6.2
NYDFS 23 NYCRR 500 – Cybersecurity Policy
Control ID: 500.03
DORA – ICT Risk Management Framework
Control ID: Article 6
CISA ZTMM 2.0 – Implement Supply Chain Risk Management
Control ID: Supply Chain Risk Management
NIS2 Directive – Cybersecurity Risk Management Measures
Control ID: Article 21
Sector Implications
Industry-specific impact of the vulnerabilities, including operational, regulatory, and cloud security risks.
Computer Software/Engineering
SAP npm package compromise directly impacts software development workflows, exposing developer credentials, CI/CD secrets, and cloud authentication tokens through supply-chain attacks.
Information Technology/IT
IT infrastructure faces credential theft risks from compromised development tools, affecting AWS/Azure/GCP access, Kubernetes configurations, and enterprise authentication systems management.
Financial Services
Banking systems using SAP enterprise applications vulnerable to supply-chain attacks compromising development environments, potentially exposing customer data and payment processing credentials.
Health Care / Life Sciences
Healthcare organizations using SAP CAP development frameworks face HIPAA compliance violations through credential theft and unauthorized access to patient data systems.
Sources
- Official SAP npm packages compromised to steal credentialshttps://www.bleepingcomputer.com/news/security/official-sap-npm-packages-compromised-to-steal-credentials/Verified
- Mini Shai-Hulud Targets SAP npm Packages With a Bun-Based Secret Stealerhttps://www.aikido.dev/blog/mini-shai-hulud-has-appearedVerified
- TeamPCP-Linked Supply Chain Attack Hits SAP CAP and Cloud MTA npm Packageshttps://socket.dev/blog/sap-cap-npm-packages-supply-chain-attackVerified
Frequently Asked Questions
Cloud Native Security Fabric Mitigations and ControlsCNSF
Aviatrix Zero Trust CNSF is pertinent to this incident as it could have constrained the attacker's ability to move laterally and exfiltrate data by enforcing strict segmentation and controlled egress policies.
Control: Cloud Native Security Fabric (CNSF)
Mitigation: The CNSF may have limited the reach of malicious scripts by enforcing strict workload isolation, reducing the potential for credential theft.
Control: Zero Trust Segmentation
Mitigation: Zero Trust Segmentation would likely have constrained unauthorized access to cloud service accounts by enforcing identity-aware access controls.
Control: East-West Traffic Security
Mitigation: East-West Traffic Security may have restricted lateral movement by monitoring and controlling internal traffic flows.
Control: Multicloud Visibility & Control
Mitigation: Multicloud Visibility & Control would likely have detected and constrained unauthorized data exfiltration to external repositories.
Control: Egress Security & Policy Enforcement
Mitigation: Egress Security & Policy Enforcement may have limited data exfiltration by enforcing strict outbound traffic policies.
The implementation of CNSF controls would likely have reduced the scope of unauthorized access and minimized the potential impact of data breaches.
Impact at a Glance
Affected Business Functions
- Software Development
- Continuous Integration/Continuous Deployment (CI/CD) Pipelines
- Cloud Application Deployment
Estimated downtime: 3 days
Estimated loss: $50,000
Potential exposure of developer credentials, including npm and GitHub authentication tokens, SSH keys, and cloud service credentials for AWS, Azure, and Google Cloud.
Recommended Actions
Key Takeaways & Next Steps
- • Implement Zero Trust Segmentation to restrict lateral movement within cloud environments.
- • Enforce Egress Security & Policy Enforcement to monitor and control outbound traffic, preventing unauthorized data exfiltration.
- • Utilize Multicloud Visibility & Control to detect anomalous interactions and repeated malformed requests.
- • Deploy Threat Detection & Anomaly Response systems to identify and respond to credential theft and unauthorized access.
- • Regularly audit and monitor CI/CD pipelines for unauthorized changes and embedded malicious scripts.
